---
description: 'The Google Cloud provider for Nitric'
---

# Google Cloud Provider Overview

_The officially supported Nitric Google Cloud Platform (GCP) Provider._

```yaml
provider: nitric/gcp@latest
```

<Note>
  See the [Overview](/providers/pulumi) page for general information on Nitric
  Pulumi providers.
</Note>

The Google Cloud provider is supported by the Nitric SDKs and CLI by default. However, credentials for a Google Cloud account will be required when using the [up command](/reference/cli) from the CLI.

## Google Cloud Credentials

Authorize `gcloud` to access the Cloud Platform with Google user credentials:

```bash
gcloud auth application-default login
```

### Google CLI Installation

Installing the Google Cloud CLI assists with credentials setup. You can install it using these summarized instructions, for more options see the [Google docs](https://cloud.google.com/sdk/install).

<OSTabs>

<TabItem label="Windows">

Download & install the [latest CLI release](https://cloud.google.com/sdk/install#windows).

</TabItem>

<TabItem label="Linux">

```bash
curl -O https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-378.0.0-linux-x86_64.tar.gz
```

</TabItem>

<TabItem label="macOS">

Download & install the [latest CLI release](https://cloud.google.com/sdk/install#mac).

</TabItem>

</OSTabs>

## Create Billing Account

For Google Cloud to allow deployments, a billing account must be [created and attached](https://console.cloud.google.com/billing) to the project you deploy to.

## Importing Existing Resources

The Nitric team is working to expand the list of resources that can be imported. Currently, only the following resources are supported:

- [Secrets](/secrets)

<Note>
  Only resources in the same GCP project as specified by gcp-project-id are
  currently supported.
</Note>

### Secrets

To import a secret, you will need to know the secret's unique name. You can find the name of a secret in the Google Cloud Secret Manager in the browser or by using the gcloud CLI.

First, add the secret to your project as you usually would if it wasn't imported. Then add the secret to the `import` section of your stack file. Here's an example of how to import a secret:

```javascript
import { secret } from "@nitric/sdk

const mySecret = secret("credentials").allow("access");
```

```yaml
import:
  secrets:
    credentials: existing-secret
```

Need to import another resource type or have another question? Chat with us on [Discord](https://nitric.io/chat) or [open an issue](https://github.com/nitrictech/nitric/issues) on GitHub.

## Stack Configuration

```yaml title:nitric.[stack ID].yaml
# The provider to use and it's published version
# See releases:
# https://github.com/nitrictech/nitric/tags
provider: nitric/gcp@latest

# The target GCP region to deploy to
# See available regions:
# https://cloud.google.com/run/docs/locations
region: my-gcp-stack-region

# ID of the google cloud project to deploy into
gcp-project-id: my-gcp-project-id

# All configuration below is optional

# The timezone that deployed schedules will run with
# Format is in tz identifiers:
# https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
schedule-timezone: Australia/Sydney

# Import existing GCP Resources
# Currently only secrets are supported
# Available since v1.4.0
import:
  # A map of nitric names to GCP Secret Manager names
  secrets: # Available since v1.4.0
    # NOTE: Imported secrets must exist in the same project as specified by gcp-project-id
    # In typescript this would import the provided secret reference for a secret declared as
    # const mySecret = secret('my-secret');
    my-secret: existing-secret

# Apply configuration to nitric APIs
apis:
  # Target an API by its nitric name
  my-api:
    # provide domains to be used for the api
    description: An Azure API

# Add CDN configuration, required for websites deployments
# Available since v1.20.0
cdn:
  # The name of the Google Cloud DNS Zone to use when configuring the website DNS
  zone-name: yourzone
  # A valid subdomain for the DNS Zone to use for the deployed websites endpoint
  domain-name: app.example.com
  # The following configuration values are optional
  # Specify the TTL the CDN sends in the Cache-Control or Expires headers to clients
  client-ttl: 3600
  # Specify the TTL for content cached by the CDN when the origin server does not provide any caching directives
  default-ttl: 604800
  # Skip CDN cache invalidation during deployments (defaults to false)
  skip-cache-invalidation: true

# Configure your deployed services
config:
  # How services without a type will be deployed
  default:
    # configure services to deploy to Google Cloud Run
    cloudrun:
      # set 512MB of RAM
      # See cloudrun configuration docs here:
      # https://cloud.google.com/run/docs/configuring/memory-limits
      memory: 512
      # set a timeout of 15 seconds
      # https://cloud.google.com/run/docs/configuring/request-timeout
      timeout: 15
      # The maximum number of instances to scale down to
      # https://cloud.google.com/run/docs/configuring/min-instances
      min-instances: 0
      # The maximum number of instances to scale up to
      # https://cloud.google.com/run/docs/configuring/max-instances
      max-instances: 10
      # Number of concurrent requests that each instance can handle
      # https://cloud.google.com/run/docs/configuring/concurrency
      concurrency: 80
  # Additional deployment types
  # You can target these types by setting a `type` in your project configuration
  big-service:
    cloudrun:
      memory: 1024
      timeout: 60
      min-instances: 2
      max-instances: 100
      concurrency: 1000
```

### Websites

When deploying [websites](/websites), Google Cloud CDN doesn't automatically provide DNS names for deployed sites, so a DNS name must be provided. To do this you'll need to register a new domain name (or use one you already own), then configure the domain (or a subdomain) so that it uses the Google Name Servers (using a Google Cloud DNS Zone).

The DNS Zone in Google will then allow Nitric to create DNS records that route traffic to the CDN. Here are the steps:

- Purchase/Register a domain name with your domain registrar of choice.
- Navigate to https://console.cloud.google.com/net-services/dns/zones in your GCP Project
- Click `CREATE ZONE`
- Leave `Public` selected
- Enter a `Zone name`, and `Description` of your choice
- Enter your domain name (or subdomain) in the `DNS name` field
- Optionally enable DNSSEC
- Click `CREATE`

Now that the DNS Zone is created, you need to configure your registrar (domain) or existing DNS (subdomain) to point at the new name servers created for the zone.

The configuration detail are available on the `Zone details` page by clicking `REGISTRAR SETUP`. This step is different depending on your chosen domain registrar. Below are some general steps depending on whether your configuring the primary domain or a subdomain.

#### Domain

Your registrar (e.g. Namecheap, GoDaddy, Cloudflare, etc.) will allow you to change the name servers for you domain, sometimes this is called 'Custom DNS'. Add each of the name servers (NS records) from the Registrar setup dialog in the relevant config page for your registrar.

#### Subdomain

If you're configuring a subdomain e.g. app.yourdomain.com, you can simply add the NS records to your existing DNS configuration for the chosen subdomain. Typically, the config will look something like this:

<Note>Substitute your values for `Host` and `Nameserver`</Note>

| Record Type | Host | Nameserver                    |
| ----------- | ---- | ----------------------------- |
| NS Record   | app  | ns-cloud-a1.googledomains.com |
| NS Record   | app  | ns-cloud-a2.googledomains.com |
| NS Record   | app  | ns-cloud-a3.googledomains.com |
| NS Record   | app  | ns-cloud-a4.googledomains.com |

<Note>
  If you enabled DNSSEC for the zone you will also need to create the relevant
  DS record
</Note>

### Stack file configuration

Now that you have your DNS Zone created and Nameservers configured you can add the relevant config to your GCP stack file.

```yaml title:nitric.[stack ID].yaml
# Add to your stack file
cdn:
  # The name of the DNS Zone you configured in Google Cloud DNS
  zone-name: yourzone
  # The domain name or subdomain you want to use for your website (any valid subdomain for the zone is permitted)
  domain-name: app.example.com
```

<Note>
  Missing something? Let us know by raising an issue in
  [GitHub](https://github.com/nitrictech/nitric) or by dropping us a line on
  [Discord](https://nitric.io/chat)
</Note>
